dex icon indicating copy to clipboard operation
dex copied to clipboard

Published 20 hours ago verified publisher icon dexidp

group filter in Microsoft connector

Open jagadeesh-kancherla-tfs opened this issue 11 months ago • 1 comments

Preflight Checklist

  • [X] I agree to follow the Code of Conduct that this project adheres to.
  • [X] I have searched the issue tracker for an issue that matches the one I want to file, without success.

Problem Description

We are using dex with ldap connector now switching to Microsoft connector, dex is getting all the groups from AD which causing issue for authentication

Proposed Solution

Previously we are using ldap which have filter for groups groupSearch: baseDN: dc=test,dc=com filter: "(&(objectCategory=Group)(name=K8S----))"

expecting similar group filter in Microsoft

connectors:

type: microsoft id: microsoft name: Microsoft config: clientID: clientSecret: redirectURI: tenant:

Is there any similar approach we have available in Microsoft connector?

Alternatives Considered

No response

Additional Information

No response

jagadeesh-kancherla-tfs avatar Feb 29 '24 12:02 jagadeesh-kancherla-tfs

@jagadeesh-kancherla-tfs Hello! I think you need to use groups: ["a", "b", "c"] along with useGroupsAsWhitelist: true. https://github.com/dexidp/dex/blob/f6114706f62ee32cab29e5baf6a15491339a50b4/connector/microsoft/microsoft.go#L52-L54

nabokihms avatar Mar 26 '24 19:03 nabokihms

I'm closing this issue due to its age. If you still have a problem, feel free to open a new one.

nabokihms avatar Jul 15 '24 18:07 nabokihms